undefined | Better HN

0 pointsviccuad4y ago0 comments

> The way i read it, they're calling for open standards, which can be a good thing. > > Sadly, open standards also slow down the development of new features,

No. They are asking for endpoints and public APIs. Nobody is forced to adopt a standard, that is a fallacy you have just built (and has powered a tangential thread of 20 messages and counting.. debating something that is not in the topic).

Services will be forced to provide public endpoints and public APIs. Nobody is forcing them to shape them in any way. Consumers can decide to interface with them, or not. The onus on implementing and interfacing with them lays on the consumers. You don't need an agreement between everybody.

0 comments

8fingerlouie4y ago

> They are asking for endpoints and public APIs

How will they interface with the different APIs ? Or is it a single API defined by a standard ?

The first one means that most clients will play “whack a mole” with 20 APIs, trying to keep up with features. The second will be the lowest common denominator, limiting what can be sent between different clients. It would be the new “green bubble”.

Next, how do you identify people uniquely across different networks ? Phone number ? Email ? What happens if you’ve registered your Id in multiple places ? Or is it up to the sender to specify which network they wish to target ? Like someone@gmail.com@imessage ? The last one solves nothing. In case of multiple id registrations, should the network just keep trying round robin until it successfully delivers ? Or can I as a recipient register my preferred delivery network in case I never want Meta or Google to see my data ? Who maintains this central registry ? Will they do it for free ?

Now that we’ve established how to pass messages between networks, how do we secure them ? Do we use the iMessage model and use a central key repository ? Or do we implement a protocol (potentially per API) on how to acquire encryption keys ? Or do we simply skip encryption because security is hard ?

What about attachments ? Since most secure platforms use “per device” encryption, do we just send a 500GB attachment X times, one per device ? Do we limit the size of attachments ? iMessage solves this by encrypting it with a temporary key, and the attachment is then uploaded to Apples servers, and the temporary key is exchanged using normal messaging. Is that the way forward ? Will whoever handles it do it for free ? Do we trust them ?

What about Memoji/whatever the kids use ?

All of the above, and more, needs to be agreed on by all involved parties, which sets the lowest common denominator, either by a shared standard, or by reducing functionality for cross network messages. If it ends up complex enough to support all the features of modern instant messaging, it sets the bar rather high for new players. If it ends up simple, we have gained almost nothing over using SMS/MMS.

Things are never as simple as just exposing an API.

viccuadOP4y ago

You are moving goalposts. This legislation is not the end all be all, and only applies to those with ~7 billion capitalisation (so, Alphabet, Meta, Apple, Microsoft, and little more).

If you want to solve all those problems, you can use and push for Matrix for example.

8fingerlouie4y ago

Am I though ?

It applying only to ~7 billion capitalization only increases the chance that somebody uses their network, and as is already evident today, that is where the majority of conversations happen. It also increases the risk that my messages will be routed to somebody I don’t want poking through my messages, even if it’s metadata only, like Meta and Google.

It also increases the risk that I have registered the same ID with multiple providers.

I am not interested in solving the problem, and especially not interested in using Matrix. My only interest in this is I want to have functional instant messaging between people I know. Matrix does not solve that (for me).

My point was/is, that either the legislation solves nothing (open APIs, native “own network only” clients), or it creates a lot of problems (unified API, shared standard, cross platform messaging for all).

Also, imagine the spam you’ll receive if every email you’ve ever registered with some ~7 billion provider suddenly routes messages.

ensignavenger4y ago

Its not clear from the article what they are calling for- do you have a source?

But lets say you are right, and all that the affected messaging services have to do is provide an API- will the regulators require them to document this API (and if so, what standards will the documentation have to follow?) Will they complain if the API changes too rapidly? Will the API have to support tall of the same features as the messaging service?

As they say, the devils in the details, and right now I'm not seeing any details.

j / k navigate · click thread line to collapse

0 comments

8fingerlouie4y ago

> They are asking for endpoints and public APIs

How will they interface with the different APIs ? Or is it a single API defined by a standard ?

What about Memoji/whatever the kids use ?

Things are never as simple as just exposing an API.

viccuadOP4y ago

You are moving goalposts. This legislation is not the end all be all, and only applies to those with ~7 billion capitalisation (so, Alphabet, Meta, Apple, Microsoft, and little more).

If you want to solve all those problems, you can use and push for Matrix for example.

8fingerlouie4y ago

Am I though ?

It also increases the risk that I have registered the same ID with multiple providers.

Also, imagine the spam you’ll receive if every email you’ve ever registered with some ~7 billion provider suddenly routes messages.

ensignavenger4y ago

Its not clear from the article what they are calling for- do you have a source?

As they say, the devils in the details, and right now I'm not seeing any details.

j / k navigate · click thread line to collapse